workAround to solve problem with IAIK-JCE and SSL algorithm parameter validation

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2017-07-25 16:12:28 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2017-07-25 16:12:28 +0200
commit: 122de0a09f42fcc7e2fa0a429df5da37820fd730 (patch)
tree: 75d1ab9874d1d5ead93d5700ff617fbe49c36274 /id/server
parent: 040e51d335d3af127c3894bd5558a484ddd9b9ea (diff)
download: moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.tar.gz
moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.tar.bz2
moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.zip
1 files changed, 22 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index 5769d99df..65ea2fd90 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -44,6 +44,7 @@ import at.gv.egovernment.moa.spss.api.Configurator;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moaspss.logging.LoggingContext;
 import at.gv.egovernment.moaspss.logging.LoggingContextManager;
+import iaik.asn1.structures.AlgorithmID;
 import iaik.pki.PKIException;
 import iaik.security.ec.provider.ECCelerate;
 import iaik.security.provider.IAIK;
@@ -160,6 +161,8 @@ public class MOAIDAuthInitializer {
         	
         Security.addProvider(new ECCelerate());
         
+        fixJava8_141ProblemWithSSLAlgorithms();
+        
         if (Logger.isDebugEnabled()) {
         	Logger.debug("Loaded Security Provider:");
         	Provider[] providerList = Security.getProviders();
@@ -167,5 +170,24 @@ public class MOAIDAuthInitializer {
         		Logger.debug(i + ": " + providerList[i].getName() + " Version " + providerList[i].getVersion());        		
         	
         }
+      
     }
+    
+    private static void fixJava8_141ProblemWithSSLAlgorithms() {
+    	Logger.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
+        //new AlgorithmID("1.2.840.113549.1.1.4", "md5WithRSAEncryption", new String[] { "MD5withRSA", "MD5/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", 
+        		new String[] { "SHA1withRSA" , "SHA1/RSA", "SHA-1/RSA", "SHA/RSA", }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", 
+        		new String[] { "SHA224withRSA", "SHA224/RSA", "SHA-224/RSA", }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", 
+        		new String[] { "SHA256withRSA", "SHA256/RSA", "SHA-256/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", 
+        		new String[] { "SHA384withRSA", "SHA384/RSA", "SHA-384/RSA",  }, null, true);
+        new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", 
+        		new String[] { "SHA512withRSA", "SHA512/RSA", "SHA-512/RSA" }, null, true);
+        
+        Logger.info("Change AlgorithmIDs finished");
+    }
+    
 }
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2017-07-25 16:12:28 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2017-07-25 16:12:28 +0200
commit	122de0a09f42fcc7e2fa0a429df5da37820fd730 (patch)
tree	75d1ab9874d1d5ead93d5700ff617fbe49c36274 /id/server
parent	040e51d335d3af127c3894bd5558a484ddd9b9ea (diff)
download	moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.tar.gz moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.tar.bz2 moa-id-spss-122de0a09f42fcc7e2fa0a429df5da37820fd730.zip